
A few months ago, I interviewed Byron Cook, a researcher at MSR Cambridge, about his work on Terminator, which is a proof-based analysis tool used for proving that good things will eventually happen in unmanaged code paths. That is, it's a very good thing for code to stop executing eventually; otherwise system hangs occur (drivers are the number one cause of system hangs and other undesirable system-wide problems).

Terminator is designed to help developers find bugs in their code that cause non-terminating execution. Many of you provided feedback after the last interview that Byron should have gone a bit deeper into the technology, including whiteboarding proofs. Well, he was recently in Redmond and agreed to be the next participant in Going Deep.

Here we dig into the details of Terminator on the whiteboard and even see a demo of Terminator running over some DDK (Driver Development Kit) sample C code.

Fasten your seat belts. We do jump head first into the rabbit hole.

Enjoy!

PS: The Download file (pointed to from the Download button below) was encoded at 512Kbs. If you want a higher bit rate file you can click here.

Great video. I remember reading a piece some time ago about military software, and proving correct operation of it. If I remember correctly, they were able to prove the complete application/system, not just the device drivers. Now I wonder if maybe there are programming languages for which it is much easier to find proof of correct functioning than it is for C(++)?

ilmar, you need to keep in mind that provable systems for the military and other safety critical applications (especially subsystems on airplanes) are written in a subset of the Ada language called SPARK. They got rid of possibly dangerous or hard-to-prove constructs and added annotations for static verifiers (a bit like SAL in the Microsoft SDKs but more elaborate), which resulted in a language that facilitates proofs.
You might want to read up a bit on Ada and SPARK: it's a fascinating world for die-hard C++ programmers especially.

To the above post. You can't pass an infinite positive in a system which can represent only finite numbers, however the different permutations of the state transitions could be infinite (or at least of a much larger order), so hence the point can you terminate the state transitions passing a finite number.
